OnDemand | Secrets Detection: Why Coverage Throughout the SDLC is Critical to Your Security Posture
Did you know that once a secret makes it into a Git commit history, it stays there forever and can be left undiscovered for months or years? Recent attacks like Uber and Toyota underscore the risks. Once hackers gain access to critical systems via an exposed secret, they can move laterally across an organization to orchestrate dangerous supply chain attacks.
Join us as we walk through the problem of secrets in the modern development environment and what it takes to detect and prevent secrets in even the most complex organizations. You will learn:
- How to detect different types of secrets across your entire SDLC, not just in source code, but also pipelines and even Confluence.
- Best practices for preventing secrets from being inadvertently pushed to production.
- The value of prioritization and context when it comes to secret scanning, and how this can help you remediate faster.
- How innovative tools like AI can reduce the noise and false positives associated with secrets scanning.